General
-
Target
24568f521777a9ce638b44bee8bd6d56_JaffaCakes118
-
Size
213KB
-
Sample
240704-c11ahazdqn
-
MD5
24568f521777a9ce638b44bee8bd6d56
-
SHA1
be66c7ebbfa4d705da7a41dd8ff8289fdf12fd65
-
SHA256
097d919fb061ccde8a8c725c626ce87282e5049789cd05b1d413ba936e322bed
-
SHA512
c6c44f2f323f379486c3d7b27e0b6e6f766c7a152cd1ca15c702e58a953cb8cddf8a573cf2b9d972087143531d569130e867dbed6738293f38c2692d189151dd
-
SSDEEP
3072:sr85CDVP6CIqmpRvFLifSC1EKyAqiv/sZpMmZMCNZDgKlGD7rmk:k90RpRvFLiEtTZqmZZNpngXmk
Behavioral task
behavioral1
Sample
24568f521777a9ce638b44bee8bd6d56_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
24568f521777a9ce638b44bee8bd6d56_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
24568f521777a9ce638b44bee8bd6d56_JaffaCakes118
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-